package com.movie.controller;

import com.movie.entity.Movie;
import com.movie.service.MovieService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.util.List;

@RestController
@RequestMapping("/api/admin/movies") // 管理员接口的基础路径
@CrossOrigin(origins = "http://localhost:5173", allowCredentials = "true") // 允许前端访问
@PreAuthorize("hasRole('ADMIN')") // 类级别权限控制，要求 ADMIN 角色
public class AdminMovieController {

    @Autowired
    private MovieService movieService;

    // 添加电影
    @PostMapping
    public ResponseEntity<Movie> addMovie(@RequestBody Movie movie) {
        Movie addedMovie = movieService.addMovie(movie);
        // 可以在这里返回 CREATED 状态码和 Location 头，更符合 RESTful 风格
        // URI location = ServletUriComponentsBuilder.fromCurrentRequest()
        //         .path("/{id}")
        //         .buildAndExpand(addedMovie.getId())
        //         .toUri();
        // return ResponseEntity.created(location).body(addedMovie);
        return ResponseEntity.ok(addedMovie);
    }

    // 更新电影
    @PutMapping("/{id}")
    public ResponseEntity<Movie> updateMovie(@PathVariable Long id, @RequestBody Movie movie) {
        // 确保路径变量 ID 和请求体中的 ID 一致或使用路径变量 ID
        movie.setId(id);
        Movie updatedMovie = movieService.updateMovie(movie);
        // 不需要显式检查 null，如果 Service 找不到会抛异常，由全局异常处理器捕获返回 404
        return ResponseEntity.ok(updatedMovie);
    }

    // 删除电影
    @DeleteMapping("/{id}")
    public ResponseEntity<?> deleteMovie(@PathVariable Long id) {
        movieService.deleteMovie(id);
        // 删除成功返回 204 No Content 更合适
        return ResponseEntity.noContent().build();
        // 或者返回 200 OK 带消息
        // return ResponseEntity.ok("Movie with id " + id + " deleted successfully.");
    }

    // 如果需要，管理员也可以获取所有电影或按ID获取
    @GetMapping
    @PreAuthorize("hasRole('ADMIN')") // 明确管理员权限
    public ResponseEntity<List<Movie>> getAllMovies() {
        List<Movie> movies = movieService.getAllMovies();
        return ResponseEntity.ok(movies);
    }

    @GetMapping("/{id}")
    @PreAuthorize("hasRole('ADMIN')") // 明确管理员权限
    public ResponseEntity<Movie> getMovieById(@PathVariable Long id) {
        Movie movie = movieService.getMovieById(id);
        return ResponseEntity.ok(movie); // Service层会处理找不到的情况
    }

    // 批量删除电影
    @PostMapping("/batch-delete")
    @PreAuthorize("hasRole('ADMIN')")
    public ResponseEntity<?> batchDeleteMovies(@RequestBody BatchDeleteRequest request) {
        List<Long> ids = request.getIds();
        if (ids == null || ids.isEmpty()) {
            return ResponseEntity.badRequest().body("No IDs provided for deletion");
        }
        
        for (Long id : ids) {
            movieService.deleteMovie(id);
        }
        
        return ResponseEntity.ok("Successfully deleted " + ids.size() + " movies");
    }
    
    // 批量删除请求的内部类
    public static class BatchDeleteRequest {
        private List<Long> ids;
        
        public List<Long> getIds() {
            return ids;
        }
        
        public void setIds(List<Long> ids) {
            this.ids = ids;
        }
    }
} 